
List:       pamldap
Subject:    [pamldap] udp port for dns
From:       Adam Denenberg <adam () dberg ! org>
Date:       2004-12-14 13:45:18
Message-ID: 1103031917.10965.4.camel () sucka

Has anyone come into an issue with the amount of DNS requests that
pam_ldap makes when configured for ssh?  We are encountering an issue
where the amount of DNS requests that pam_ldap makes is quite a bunch
(6 or 7, it seems).  However, the issue is even greater than that.  On our
Red Hat 8, kernel 2.6.8.1, OpenLDAP 2.2.17, pam_ldap 176 system, the kernel
seems to be re-using the same high-numbered port when making DNS queries.
This is causing the firewall to discard some of them and causing a timeout.
Has anyone seen this behavior?  Here is a capture.

Thanks for any info. It's basically a bunch of these before a login:

17:30:37.694087 ldap2.example.com.32829 > pdns3.example.com.domain: 22923+ A? ldap.example.com. (40) (DF)
17:30:37.694633 pdns3.example.com.domain > ldap2.example.com.32829: 22923* 1/2/0 A ldap.example.com (110) (DF)
17:30:39.704979 ldap2.example.com.32829 > pdns3.example.com.domain: 22925+ A? ldap.example.com. (40) (DF)
17:30:39.705569 pdns3.example.com.domain > ldap2.example.com.32829: 22925* 1/2/0 A ldap.example.com (110) (DF)
17:30:39.763348 ldap2.example.com.32829 > pdns3.example.com.domain: 22925+ A? ldap.example.com. (40) (DF)
17:30:44.763686 ldap2.example.com.32829 > pdns3.example.com.domain: 22925+ A? ldap.example.com. (40) (DF)
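
Added example, not part of the original message: a small Python parser for the tcpdump lines in the capture above that pairs each DNS query with its response and reports unanswered queries, repeated query IDs and the client source ports in use. The function names and the CAPTURE constant are assumptions of this example; the packet lines are the ones from the message, joined one per line.

```python
import re
from collections import defaultdict

# Packet lines copied from the capture in the message, one packet per line.
CAPTURE = """\
17:30:37.694087 ldap2.example.com.32829 > pdns3.example.com.domain: 22923+ A? ldap.example.com. (40) (DF)
17:30:37.694633 pdns3.example.com.domain > ldap2.example.com.32829: 22923* 1/2/0 A ldap.example.com (110) (DF)
17:30:39.704979 ldap2.example.com.32829 > pdns3.example.com.domain: 22925+ A? ldap.example.com. (40) (DF)
17:30:39.705569 pdns3.example.com.domain > ldap2.example.com.32829: 22925* 1/2/0 A ldap.example.com (110) (DF)
17:30:39.763348 ldap2.example.com.32829 > pdns3.example.com.domain: 22925+ A? ldap.example.com. (40) (DF)
17:30:44.763686 ldap2.example.com.32829 > pdns3.example.com.domain: 22925+ A? ldap.example.com. (40) (DF)
"""

# timestamp, "host.port > host.port:", DNS query ID, flag characters, remainder
LINE = re.compile(r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) (?P<src>\S+) > (?P<dst>\S+): "
                  r"(?P<id>\d+)(?P<flags>\S*) (?P<rest>.*)$")

def split_endpoint(endpoint):
    """tcpdump prints 'host.port'; the port is the last dot-separated field."""
    host, port = endpoint.rsplit(".", 1)
    return host, port

def analyse(text, dns_port="domain"):
    queries, ports = [], defaultdict(set)
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a packet line in the expected format
        shost, sport = split_endpoint(m["src"])
        dhost, dport = split_endpoint(m["dst"])
        qid = int(m["id"])
        if dport == dns_port and "?" in m["rest"]:      # query, e.g. "A? name."
            key = (shost, sport, dhost, qid)
            queries.append({"key": key, "ts": m["ts"], "answered": False,
                            "id_reused": any(q["key"] == key for q in queries)})
            ports[shost].add(sport)
        elif sport == dns_port:                          # response from server
            key = (dhost, dport, shost, qid)
            for q in queries:                            # settle open queries
                if q["key"] == key:
                    q["answered"] = True
    return queries, ports

def summarise(text):
    queries, ports = analyse(text)
    return {"queries": len(queries),
            "unanswered": [q["ts"] for q in queries if not q["answered"]],
            "id_reused": sum(q["id_reused"] for q in queries),
            "source_ports": {h: sorted(p) for h, p in ports.items()}}

if __name__ == "__main__":
    print(summarise(CAPTURE))
```
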
